urlscan.io logo urlscan.io
SecurityTrails logo

id.pagar.me Open in urlscan Pro
2606:4700::6813:d430  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://beta.dashboard.pagar.me/
Effective URL: https://id.pagar.me/signin
Submission: On August 31 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 1 countries across 9 domains to perform 45 HTTP transactions. The main IP is 2606:4700::6813:d430, located in United States and belongs to CLOUDFLARENET, US. The main domain is id.pagar.me.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on October 26th 2023. Valid for: a year.
This is the only time id.pagar.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 13.225.63.92 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 35.244.191.148 396982 (GOOGLE-CL...)
1 108.139.54.225 16509 (AMAZON-02)
6 136.146.28.8 14340 (SALESFORCE)
2 35.186.194.58 15169 (GOOGLE)
1 136.146.27.2 14340 (SALESFORCE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 136.146.30.66 14340 (SALESFORCE)
5 2606:4700::68... 13335 (CLOUDFLAR...)
45 13
10    13.225.63.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-92.ewr53.r.cloudfront.net
beta.dashboard.pagar.me
2    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2607:f8b0:4006:80d::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    35.201.112.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
1    35.244.191.148 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 148.191.244.35.bc.googleusercontent.com
static.rex.pagar.me
1    108.139.54.225 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-54-225.jfk50.r.cloudfront.net
www.datadoghq-browser-agent.com
6    136.146.28.8 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl13-ncg1-c7-iad4.na225-ia6.force.com
service.force.com
2    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
1    136.146.27.2 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl12-ncg1-c7-iad4.na223-ia6.force.com
service.force.com
3    2607:f8b0:4006:81d::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    136.146.30.66 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl15-ncg1-c7-iad4.la1-c1-ia6.salesforceliveagent.com
d.la1-c1-ia6.salesforceliveagent.com
5    2606:4700::6813:d430 (United States)

ASN13335 (CLOUDFLARENET, US)
id.pagar.me
Apex Domain
Subdomains		 Transfer
16 pagar.me
beta.dashboard.pagar.me
static.rex.pagar.me
id.pagar.me Failed
17 MB
7 force.com
service.force.com — Cisco Umbrella Rank: 6720
28 KB
4 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 4178
rs.fullstory.com — Cisco Umbrella Rank: 4041
80 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 salesforceliveagent.com
d.la1-c1-ia6.salesforceliveagent.com — Cisco Umbrella Rank: 100908
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com Failed
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
174 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 336
41 KB
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2536
50 KB
0 zopim.com Failed
v2.zopim.com Failed
45 9
Domain Requested by
10 beta.dashboard.pagar.me beta.dashboard.pagar.me
7 service.force.com beta.dashboard.pagar.me
5 id.pagar.me beta.dashboard.pagar.me
id.pagar.me
3 www.google-analytics.com beta.dashboard.pagar.me
2 d.la1-c1-ia6.salesforceliveagent.com beta.dashboard.pagar.me
2 rs.fullstory.com beta.dashboard.pagar.me
edge.fullstory.com
2 edge.fullstory.com beta.dashboard.pagar.me
2 www.googletagmanager.com beta.dashboard.pagar.me
2 cdnjs.cloudflare.com beta.dashboard.pagar.me
1 www.datadoghq-browser-agent.com beta.dashboard.pagar.me
1 static.rex.pagar.me beta.dashboard.pagar.me
0 d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com Failed beta.dashboard.pagar.me
0 v2.zopim.com Failed beta.dashboard.pagar.me
45 13

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
beta.dashboard.pagar.me
Amazon RSA 2048 M01		 2023-10-01 -
2024-10-29		 a year crt.sh
cdnjs.cloudflare.com
WE1		 2024-07-31 -
2024-10-29		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-05 -
2024-10-28		 3 months crt.sh
edge.fullstory.com
WR3		 2024-08-24 -
2024-11-22		 3 months crt.sh
static.rex.pagar.me
WR3		 2024-07-08 -
2024-10-06		 3 months crt.sh
*.datadoghq-browser-agent.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-08-03		 a year crt.sh
*.na225.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-23 -
2025-02-20		 a year crt.sh
rs.fullstory.com
WR3		 2024-08-25 -
2024-11-23		 3 months crt.sh
*.na223.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-23 -
2025-02-20		 a year crt.sh
la1-c1-ia6.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-08-09 -
2025-08-09		 a year crt.sh
id.pagar.me
Cloudflare Inc ECC CA-3		 2023-10-26 -
2024-10-25		 a year crt.sh

This page contains 2 frames:

Primary Page: https://id.pagar.me/signin
Frame ID: CD07C07ECDA758A6E73E8C8566CE1016
Requests: 44 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://beta.dashboard.pagar.me/
Frame ID: 20203013DE0E67F23D0AB1A2290305C3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Attention Required! | Cloudflare

Page URL History Show full URLs

  1. https://beta.dashboard.pagar.me/ Page URL
  2. https://id.pagar.me/signin Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • service\.force\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

82 %
HTTPS

33 %
IPv6

9
Domains

13
Subdomains

13
IPs

1
Countries

17930 kB
Transfer

19834 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://beta.dashboard.pagar.me/ Page URL
  2. https://id.pagar.me/signin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
beta.dashboard.pagar.me/ 		30 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ab720bb1802a1ec217e494b6e48a3907c68c555e94ce94d4b5a1823cb8a44d7
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-encoding
gzip
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
content-type
text/html
date
Sat, 31 Aug 2024 16:35:18 GMT
etag
W/"4e5a1250a94306acfb1b98b340be1318"
last-modified
Thu, 22 Aug 2024 18:53:17 GMT
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
x-amz-cf-id
8jatPrXIWBh-tBjgY0_p8cU1-jxS9XqpacVpB5jXl67P7g7x0xjhvg==
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
runtime~main.7a45d280.js
beta.dashboard.pagar.me/static/js/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/js/runtime~main.7a45d280.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
221469e213875a0d7aae1cb1e8fde7ae635d2f13804214746b3ee21922d2f64f
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:18 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:18 GMT
server
AmazonS3
etag
W/"d6c53e91a60f947838e2e3e71d3f2411"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
M5BEsvduOI6UboJv_ZacS4PHCLGFP9_q92r22YGBTihLS0PHin-0xg==
vendors.c456595c.js
beta.dashboard.pagar.me/static/js/ 		17 MB
17 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/js/vendors.c456595c.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8d1b620071a278136ba727663c0e9e94296294448807508afe70db3397f5230
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:18 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
17490278
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:18 GMT
server
AmazonS3
etag
"b52ed58da7f3136084a6c011525d6725-3"
x-frame-options
SAMEORIGIN
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
VP-mlqU6o4mOyZprnO9cnpUxvDx-Pe0WpkW7VRhEoMErHB_E6H4Xvg==
main.d21beb3c.js
beta.dashboard.pagar.me/static/js/ 		1 MB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/js/main.d21beb3c.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4807eacdd19307a4bc0eaa29fac80783e100a485dda65284141a471b660e418f
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:18 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:17 GMT
server
AmazonS3
etag
W/"ad176b84df228c4fcf8e8be4d3b04a7a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
u8qwOBM4i10T4kwolVxECQ55BuvcyTuunUtjFkJA0ir9CzCcnvquSg==
vendors.0bf8d35c.css
beta.dashboard.pagar.me/static/css/ 		206 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/css/vendors.0bf8d35c.css
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
996024ca49d1e744e5e1907b11977f01a8f8390ad9c149f6d9580c9f282db758
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:18 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:17 GMT
server
AmazonS3
etag
W/"061a43a4d4935804c6926b4fe057b5c4"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
wS17BgLAOoVxH5-M5HfSJaPXqHUuzAXVp-nxitOd4AWGnmjqW-8NEg==
main.061a8448.css
beta.dashboard.pagar.me/static/css/ 		34 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/css/main.061a8448.css
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35fa0e09b8217abe7400898334620ec39bd1c4f73106899610907b32f5f326d2
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:18 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:17 GMT
server
AmazonS3
etag
W/"2e8bfabaf02e857b3b7d6b1754d269e0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
XLaOVLQNb5P2msOBtrWcGJXgkY5FIuihemLkbKjHJOepBlGhzzllcQ==
react.production.min.js
cdnjs.cloudflare.com/ajax/libs/react/18.2.0/umd/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/react/18.2.0/umd/react.production.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
Origin
https://beta.dashboard.pagar.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
763513
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3761
last-modified
Tue, 14 Jun 2022 20:06:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62a8ea2d-eb1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EfjK71sR1nD4bKZPkQZ89UDTtGj%2BayPMlZnORESK0HGvTZ4NGNiTZYc7EGw1rwa5MJEzB34gNoq3gl3hM7xruL0yf84jz5UwMM%2BDtM%2BAjmvPb1q35jS027kY4Nxl8eJVPUiFBo0OhGsYTKXrUX6kE9xi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bbe6ed10d617c6c-EWR
expires
Thu, 21 Aug 2025 16:35:17 GMT
react-dom.production.min.js
cdnjs.cloudflare.com/ajax/libs/react-dom/18.2.0/umd/ 		129 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/react-dom/18.2.0/umd/react-dom.production.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
Origin
https://beta.dashboard.pagar.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
225969
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
37235
last-modified
Tue, 14 Jun 2022 20:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62a8e9d7-9173"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gNY7m7nbUBGa5%2FEkLslDA7jA8c%2Bt3EHJq8knfescg%2FgHYUeuPXerHXCpTygVMZUdjMOfvBLMs7r5aSxsgtBS3g29V1tPSJAlLWpx3eENvCc%2BEDsq6dxtYnWE8DBTcIgH%2FZ7mxCOw%2BhuNWub7DxNKajJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8bbe6ed10d637c6c-EWR
expires
Thu, 21 Aug 2025 16:35:17 GMT
gtm.js
www.googletagmanager.com/ 		226 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MMGHSNN
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8966ab58c29858924d7babf95a8df985d5bf109bb4db6194ba7b1f2ebf8df121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80517
x-xss-protection
0
last-modified
Sat, 31 Aug 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 31 Aug 2024 16:35:17 GMT
fs.js
edge.fullstory.com/s/ 		283 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
29f359572390a59c6a6dd92fedeb480f7ded103c7c9b3430b192e21868858aa4

Request headers

Referer
https://beta.dashboard.pagar.me/
Origin
https://beta.dashboard.pagar.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 15:53:37 GMT
content-encoding
br
age
2500
x-guploader-uploadid
AD-8ljuOjIeLVJWdJgt0sdeI0enRcDix0qQAZN0C0ojxSCFyA7YEiQ-4WgMqFrds91bt_9AoFQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78063
last-modified
Thu, 22 Aug 2024 14:51:26 GMT
server
UploadServer
etag
"714fc3f73e63e40aca21bb2228596ef4"
vary
Accept-Encoding
x-goog-generation
1724338286421756
x-goog-hash
crc32c=8sCdjg==, md5=cU/D9z5j5ArKIbsiKFlu9A==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
78063
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 31 Aug 2024 16:53:37 GMT
1.min.js
static.rex.pagar.me/web/ 		30 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.rex.pagar.me/web/1.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.191.148 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
148.191.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6f024bd3faf1fc94acf10e128c881024ec7dd7f6f621bff4fb0d7c1dffd52563

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
x-goog-meta-goog-reserved-file-mtime
1623163700
age
0
x-guploader-uploadid
AD-8ljtJLd-VY7J7dEUxaIRV00LSn__r_LcacpNq1P5BLAieMsvpR6fvmmnucHZNEXhJSwu7_jM
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31215
last-modified
Tue, 08 Jun 2021 14:48:34 GMT
server
UploadServer
etag
"5b520334b6bcd8902b7cbce248207aa3"
x-goog-generation
1623163714843915
x-goog-hash
crc32c=owaBuA==, md5=W1IDNLa82JArfLziSCB6ow==
content-type
application/javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
31215
accept-ranges
bytes
expires
Sat, 31 Aug 2024 17:35:17 GMT
datadog-rum.js
www.datadoghq-browser-agent.com/us1/v4/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/us1/v4/datadog-rum.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.54.225 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-54-225.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:34:21 GMT
content-encoding
br
via
1.1 2c6a244ba6cf015578de7d0a0b6908d4.cloudfront.net (CloudFront)
last-modified
Mon, 09 Oct 2023 09:24:57 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
56
x-amz-server-side-encryption
AES256
etag
W/"2630b3d7ad4a41fac67742216e506d83"
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
uFrSf57EOtlHJgS2ec0gxcgQzAeE5sF7E-o0qBeTKkhIEYng4-YZ5A==
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.28.8 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg1-c7-iad4.na225-ia6.force.com
Software
/
Resource Hash
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 04 Jul 2023 00:26:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Sun, 01 Sep 2024 16:35:17 GMT
web
edge.fullstory.com/s/settings/BKP05/v1/ 		18 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/settings/BKP05/v1/web
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
551a9b9c8f273c5929e7176bfacd08f5e00ca2e60c692eda6edd9f493b246499

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
AD-8ljs4cy7bI5JndgrTGHIBkiU1yiK_e6a3jqxu1sLu1jhW7V_CGKtD5elXoypGOPU8SbaSdg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2224
last-modified
Sat, 31 Aug 2024 16:32:34 GMT
server
UploadServer
etag
"65d33c37525ee6f6ecd712e6a5dde4db"
x-goog-generation
1724673454024897
x-goog-hash
crc32c=0MRn/w==, md5=ZdM8N1Je5vbs1xLmpd3k2w==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
2224
accept-ranges
bytes
content-type
application/json
expires
Sat, 31 Aug 2024 16:50:17 GMT
page
rs.fullstory.com/rec/ 		1 KB
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
df65d4bbecec94cd18e5538a82536dbbf0a043409de6e924ee072d2cb4be5489

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
content-encoding
gzip
via
1.1 google
content-type
application/json; charset=utf-8
access-control-allow-origin
https://beta.dashboard.pagar.me
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
548
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.28.8 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg1-c7-iad4.na225-ia6.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Thu, 17 Feb 2022 23:57:30 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Sun, 01 Sep 2024 16:35:17 GMT
9919edff6283018571ad.ttf
beta.dashboard.pagar.me/static/media/ 		73 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/media/9919edff6283018571ad.ttf
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/static/css/vendors.0bf8d35c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/static/css/vendors.0bf8d35c.css
Origin
https://beta.dashboard.pagar.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:18 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:19 GMT
server
AmazonS3
etag
W/"2d36b1a925432bae7f3c53a340868c6e"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/ttf
access-control-allow-origin
*
access-control-expose-headers
ETag, content-length
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-amz-cf-id
-NHJlMR4sAauo526zzNsBFXKYBhrrKjdldV0Ep1qh6nBi2GCuIJ7Nw==
esw.min.css
service.force.com/embeddedservice/5.0/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.28.8 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg1-c7-iad4.na225-ia6.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Fri, 27 Aug 2021 14:11:56 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/css
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Sun, 01 Sep 2024 16:35:17 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.28.8 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg1-c7-iad4.na225-ia6.force.com
Software
/
Resource Hash
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:17 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Wed, 17 Aug 2022 20:11:18 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Sun, 01 Sep 2024 16:35:17 GMT
esw.html
service.force.com/embeddedservice/5.0/ Frame 2020 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://beta.dashboard.pagar.me/
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.27.2 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl12-ncg1-c7-iad4.na223-ia6.force.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public,max-age=86400
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=UTF-8
date
Sat, 31 Aug 2024 16:35:20 GMT
expires
Sun, 01 Sep 2024 16:35:20 GMT
last-modified
Thu, 14 Sep 2023 00:07:46 GMT
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
referrer-policy
origin-when-cross-origin
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-robots-tag
none
Lato-Regular.ttf
beta.dashboard.pagar.me/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/Lato-Regular.ttf
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
Origin
https://beta.dashboard.pagar.me
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:19 GMT
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-cache
Error from cloudfront
x-xss-protection
1; mode=block
server
AmazonS3
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/xml
access-control-allow-origin
*
access-control-expose-headers
ETag, content-length
x-frame-options
SAMEORIGIN
x-amz-cf-id
Li9vBHJv3VxD_en_8uRErdieZZDqVtOjqtYHh4K64pQpXWmZpiDv5w==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 31 Aug 2024 16:06:04 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1756
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 31 Aug 2024 18:06:04 GMT
/
v2.zopim.com/ 		0
0
login.87484efa.chunk.css
beta.dashboard.pagar.me/static/css/ 		2 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/css/login.87484efa.chunk.css
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:21 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:17 GMT
server
AmazonS3
etag
W/"bee701f911392628cd447e3dabae2ff2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css
x-amz-cf-id
m5XlaHytuAAo36dMap4X9wEXVwZ2mGCdOni6LuK7OzTMwr0dD-joYg==
login.e7bf754e.chunk.js
beta.dashboard.pagar.me/static/js/ 		44 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://beta.dashboard.pagar.me/static/js/login.e7bf754e.chunk.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-92.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:21 GMT
content-encoding
gzip
via
1.1 3425db2c749d144a96b60e99c2493db0.cloudfront.net (CloudFront)
content-security-policy
default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
x-xss-protection
1; mode=block
last-modified
Thu, 22 Aug 2024 18:53:17 GMT
server
AmazonS3
etag
W/"bd1411a2548eb3253793468ad6f7f632"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-amz-cf-id
WtNPrg8PBJlbGnOXUHbKi00l45beL2Pf8FcxaLc9VGIHDDvPdv0QYQ==
v2
rs.fullstory.com/rec/bundle/ 		29 B
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=BKP05&UserId=573e2008-4f9d-4335-ab08-67cc34413dba&SessionId=0dfc04fd-e6a4-4ca6-8134-c1debac24092&PageId=ba04f141-879d-4853-a683-ac3c927e085e&Seq=1&ClientTime=1725122120494&PageStart=1725122117720&PrevBundleTime=0&LastActivity=47&IsNewSession=true&ContentEncoding=gzip
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://beta.dashboard.pagar.me
date
Sat, 31 Aug 2024 16:35:20 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
content-type
application/json; charset=utf-8
EmbeddedServiceConfig.jsonp
d.la1-c1-ia6.salesforceliveagent.com/chat/rest/EmbeddedService/ 		174 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c1-ia6.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00DDn000000IVKf&EmbeddedServiceConfig.configName=Atendimento_Chat_CS&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=pt-BR
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.146.30.66 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl15-ncg1-c7-iad4.la1-c1-ia6.salesforceliveagent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.28.8 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg1-c7-iad4.na225-ia6.force.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Fri, 24 Sep 2021 16:25:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Sun, 01 Sep 2024 16:35:20 GMT
collect
www.google-analytics.com/j/ 		15 B
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1337334394&t=pageview&_s=1&dl=https%3A%2F%2Fbeta.dashboard.pagar.me%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Pagar.me%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=2053067236&gjid=1921926798&cid=964457975.1725122121&tid=UA-124841276-1&_gid=1269243527.1725122121&_r=1&_slc=1&gtm=45He48s0n81MMGHSNNv79773355za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=1313322082
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 16:35:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://beta.dashboard.pagar.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1337334394&t=pageview&_s=1&dl=https%3A%2F%2Fbeta.dashboard.pagar.me%2F&dp=%2Faccount%2Flogin&ul=en-us&de=UTF-8&dt=Pagar.me%20Dashboard&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=&gjid=&cid=964457975.1725122121&tid=UA-124841276-1&_gid=1269243527.1725122121&gtm=45He48s0n81MMGHSNNv79773355za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=758018033
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 31 Aug 2024 02:01:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52460
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		275 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WRLR10Z3MS&cx=c&_slc=1
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
97489
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 31 Aug 2024 16:35:20 GMT
Settings.jsonp
d.la1-c1-ia6.salesforceliveagent.com/chat/rest/Visitor/ 		177 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la1-c1-ia6.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[573Dn000000Z68U]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=572Dn000000Z6AP&org_id=00DDn000000IVKf&version=48
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
136.146.30.66 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl15-ncg1-c7-iad4.la1-c1-ia6.salesforceliveagent.com
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.146.28.8 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl13-ncg1-c7-iad4.na225-ia6.force.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://beta.dashboard.pagar.me/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date
Sat, 31 Aug 2024 16:35:20 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
last-modified
Tue, 18 Aug 2020 17:12:46 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public,max-age=86400
origin-trial
AkBgNlDiY3u6JLOlyCHNo+uI//ZsQNGdALGkaqj2TaJPsaytJKhRW2ej+qKdkIs3auzeCWPCYX2AE/jVxzJS0AwAAABaeyJvcmlnaW4iOiJodHRwczovL2ZvcmNlLmNvbTo0NDMiLCJmZWF0dXJlIjoiVHBjZCIsImV4cGlyeSI6MTczNTM0Mzk5OSwiaXNTdWJkb21haW4iOnRydWV9
accept-ranges
bytes
x-robots-tag
none
expires
Sun, 01 Sep 2024 16:35:20 GMT
signin
id.pagar.me/ 		0
0
signin
id.pagar.me/ 		0
0
Primary Request signin
id.pagar.me/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://id.pagar.me/signin
Requested by
Host: beta.dashboard.pagar.me
URL: https://beta.dashboard.pagar.me/static/js/login.e7bf754e.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d430 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b2e36a46b55940a5b2eaadd914b7b39f8867cb33250567b131590e54666bf94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://beta.dashboard.pagar.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

CF-RAY
8bbe6ee5fcdb4240-EWR
Cache-Control
max-age=15
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Sat, 31 Aug 2024 16:35:20 GMT
Expires
Sat, 31 Aug 2024 16:35:35 GMT
Referrer-Policy
same-origin
Server
cloudflare
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
EmbeddedServiceConfig.jsonp
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com/chat/rest/EmbeddedService/ 		0
0
Settings.jsonp
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com/chat/rest/Visitor/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
v2
rs.fullstory.com/rec/bundle/ 		0
0
collect
www.google-analytics.com/g/ 		0
0
cf.errors.css
id.pagar.me/cdn-cgi/styles/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://id.pagar.me/cdn-cgi/styles/cf.errors.css
Requested by
Host: id.pagar.me
URL: https://id.pagar.me/signin
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d430 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://id.pagar.me/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 16:35:20 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Aug 2024 19:10:22 GMT
Server
cloudflare
ETag
W/"66ce249e-5df3"
Transfer-Encoding
chunked
X-Frame-Options
DENY
Content-Type
text/css
Vary
Accept-Encoding
Cache-Control
max-age=7200, public
Connection
keep-alive
CF-RAY
8bbe6ee71deb4240-EWR
Expires
Sat, 31 Aug 2024 18:35:20 GMT
browser-bar.png
id.pagar.me/cdn-cgi/images/ 		715 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.pagar.me/cdn-cgi/images/browser-bar.png?1376755637
Requested by
Host: id.pagar.me
URL: https://id.pagar.me/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d430 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://id.pagar.me/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 16:35:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Aug 2024 19:10:22 GMT
Server
cloudflare
ETag
"66ce249e-2cb"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8bbe6ee73e044240-EWR
Content-Length
715
Expires
Sat, 31 Aug 2024 18:35:20 GMT
cf-no-screenshot-error.png
id.pagar.me/cdn-cgi/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.pagar.me/cdn-cgi/images/cf-no-screenshot-error.png
Requested by
Host: id.pagar.me
URL: https://id.pagar.me/cdn-cgi/styles/cf.errors.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d430 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://id.pagar.me/cdn-cgi/styles/cf.errors.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 16:35:20 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 27 Aug 2024 19:10:22 GMT
Server
cloudflare
ETag
"66ce249e-c8d"
X-Frame-Options
DENY
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
max-age=7200, public
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
8bbe6ee73e0d4240-EWR
Content-Length
3213
Expires
Sat, 31 Aug 2024 18:35:20 GMT
favicon.ico
id.pagar.me/ 		4 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://id.pagar.me/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d430 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dda5013ab3ac76bbdbae52f044c11806e53250ca38820a00f247cf6baa97141
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://id.pagar.me/signin
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date
Sat, 31 Aug 2024 16:35:20 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Referrer-Policy
same-origin
Content-Encoding
gzip
Server
cloudflare
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Cache-Control
max-age=15
Connection
keep-alive
CF-RAY
8bbe6ee75e1d4240-EWR
Expires
Sat, 31 Aug 2024 16:35:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
v2.zopim.com
URL
https://v2.zopim.com/?5pDkyKYXYPveMW8kzpmXjpxR46b1FCKc
Domain
id.pagar.me
URL
https://id.pagar.me/signin
Domain
id.pagar.me
URL
https://id.pagar.me/signin
Domain
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com
URL
https://d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00DDn000000IVKf&EmbeddedServiceConfig.configName=Atendimento_Chat_CS&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48&EmbeddedServiceConfig.language=pt-BR
Domain
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com
URL
https://d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[573Dn000000Z68U]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=572Dn000000Z6AP&org_id=00DDn000000IVKf&version=48
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WRLR10Z3MS&gtm=45je48s0v9125904571za200&_p=1725122117297&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=964457975.1725122121&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fbeta.dashboard.pagar.me%2F&dp=%2F&dt=Pagar.me%20Dashboard&sid=1725122120&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3587
Domain
rs.fullstory.com
URL
https://rs.fullstory.com/rec/bundle/v2?OrgId=BKP05&UserId=573e2008-4f9d-4335-ab08-67cc34413dba&SessionId=0dfc04fd-e6a4-4ca6-8134-c1debac24092&PageId=ba04f141-879d-4853-a683-ac3c927e085e&Seq=2&ClientTime=1725122120764&PageStart=1725122117720&PrevBundleTime=1725122120513&IsNewSession=true&SkipResponseBody=true
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-WRLR10Z3MS&gtm=45je48s0v9125904571za200&_p=1725122117297&gcd=13l3l3l3l2l1&npa=0&dma=0&tag_exp=0&ul=en-us&sr=1600x1200&cid=964457975.1725122121&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=2&dl=https%3A%2F%2Fbeta.dashboard.pagar.me%2F&dp=%2Faccount%2Flogin&dt=Pagar.me%20Dashboard&sid=1725122120&sct=1&seg=1&en=page_view&_ee=1&_et=3&tfd=3640

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_translation

9 Cookies

Domain/Path Name / Value
.force.com/ Name: BrowserId
Value: AZbxZGe3Ee-RXkFwaaUQQQ
.pagar.me/ Name: fs_lua
Value: 1.1725122117719
.pagar.me/ Name: fs_uid
Value: #BKP05#573e2008-4f9d-4335-ab08-67cc34413dba:0dfc04fd-e6a4-4ca6-8134-c1debac24092:1725122117719::1#/1756658119
.pagar.me/ Name: _ga
Value: GA1.2.964457975.1725122121
.pagar.me/ Name: _gid
Value: GA1.2.1269243527.1725122121
.pagar.me/ Name: _gat_UA-124841276-1
Value: 1
beta.dashboard.pagar.me/ Name: _dd_s
Value: rum=0&expire=1725123017537
.pagar.me/ Name: __cf_bm
Value: BD0fX0x0O9FkBrYiqURY4TEXSi_xWIhDrun53dIvyIs-1725122120-1.0.1.1-BX5d.SK4fbI82yQmX.dQm549rmkwcKM7OiWDT._e835G6PRHSeOsLDUcGRcnqXFK0ZlwHyIUUm6SL3GQ4yGH0Q
.pagar.me/ Name: _ga_WRLR10Z3MS
Value: GS1.2.1725122120.1.1.1725122120.0.0.0

4 Console Messages

Source Level URL
Text
network error URL: https://beta.dashboard.pagar.me/Lato-Regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://beta.dashboard.pagar.me/
Message:
Refused to load the script 'https://v2.zopim.com/?5pDkyKYXYPveMW8kzpmXjpxR46b1FCKc' because it violates the following Content Security Policy directive: "script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline'".
network error URL: https://id.pagar.me/signin
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://id.pagar.me/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https://*.my.salesforce-sites.com https://service.force.com https://*.browser-intake-datadoghq.com https://*.googleapis.com https://www.youtube.com/ https://*.ytimg.com https://*.cloudfront.net/ https://pagarme.github.io/ https://*.pagar.me/ https://brasilapi.com.br/ wss://*.appcues.net https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://*.pagarme.net/ https://*.pagar.me/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.fullstory.com https://brasilapi.com.br/ wss://*.appcues.net https://*.mundipagg.com https://*.pagar.me:3000 https://*.pagarme.net data: 'self' 'unsafe-inline'; script-src 'self' https://*.pagar.me/ https://*.stg.pagarme.net https://*.gstatic.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://*.newrelic.com/ https://www.google-analytics.com/ https://www.google.com/recaptcha/ https://fast.appcues.com/ https://*.doubleclick.net/ 'unsafe-eval' 'unsafe-inline'; img-src 'self' https://*.cloudinary.com https://*.ytimg.com https://*.cloudfront.net/ https://www.google-analytics.co https://www.google-analytics.com/ https://s3-sa-east-1.amazonaws.com/ https://*.acesso.io/ https://*.zopim.io/ data:; script-src-elem 'self' https://stoneco.my.salesforce-sites.com/ https://static.lightning.force.com https://*.my.salesforce.com https://*.salesforceliveagent.com https://service.force.com https://*.datadoghq-browser-agent.com https://*.pagar.me/ https://*.gstatic.com/ https://www.google.com/ https://fast.appcues.com/ https://www.googletagmanager.com/ https://*.fullstory.com https://cdnjs.cloudflare.com/ https://www.google-analytics.com/ https://*.doubleclick.net/ https://*.pagarme.net 'unsafe-eval' 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta.dashboard.pagar.me
cdnjs.cloudflare.com
d.la1-c1-ia6.salesforceliveagent.com
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com
edge.fullstory.com
id.pagar.me
rs.fullstory.com
service.force.com
static.rex.pagar.me
v2.zopim.com
www.datadoghq-browser-agent.com
www.google-analytics.com
www.googletagmanager.com
d.la1-core1.sfdc-xwy4ub.salesforceliveagent.com
id.pagar.me
rs.fullstory.com
v2.zopim.com
www.google-analytics.com
108.139.54.225
13.225.63.92
136.146.27.2
136.146.28.8
136.146.30.66
2606:4700::6811:180e
2606:4700::6813:d430
2607:f8b0:4006:80d::2008
2607:f8b0:4006:81d::200e
35.186.194.58
35.201.112.186
35.244.191.148
1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
21758ed084cd0e37e735722ee4f3957ea960628a29dfa6c3ce1a1d47a2d6e4f7
221469e213875a0d7aae1cb1e8fde7ae635d2f13804214746b3ee21922d2f64f
29f359572390a59c6a6dd92fedeb480f7ded103c7c9b3430b192e21868858aa4
2b2e36a46b55940a5b2eaadd914b7b39f8867cb33250567b131590e54666bf94
35fa0e09b8217abe7400898334620ec39bd1c4f73106899610907b32f5f326d2
3ab720bb1802a1ec217e494b6e48a3907c68c555e94ce94d4b5a1823cb8a44d7
4807eacdd19307a4bc0eaa29fac80783e100a485dda65284141a471b660e418f
4b4969fa4ef3594324da2c6d78ce8766fbbc2fd121fff395aedf997db0a99a06
551a9b9c8f273c5929e7176bfacd08f5e00ca2e60c692eda6edd9f493b246499
6f024bd3faf1fc94acf10e128c881024ec7dd7f6f621bff4fb0d7c1dffd52563
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
8966ab58c29858924d7babf95a8df985d5bf109bb4db6194ba7b1f2ebf8df121
8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
8dda5013ab3ac76bbdbae52f044c11806e53250ca38820a00f247cf6baa97141
996024ca49d1e744e5e1907b11977f01a8f8390ad9c149f6d9580c9f282db758
cd5eb76033d96219a0c4fe45fb0df10202e1febcb4d086fb1305f1b3304a6b1a
d8d1b620071a278136ba727663c0e9e94296294448807508afe70db3397f5230
df65d4bbecec94cd18e5538a82536dbbf0a043409de6e924ee072d2cb4be5489
ea8979c22cf1d830e3ff939aadd49cc4d78c851e3cb59d2aa95ea10ee752d5d1
ef4dcc4dab4d780f44939c455d4720cab662b2f5fabc36ebc33a21f4cdbecd4e